Bugs item #962223, was opened at 2004-05-28 15:47 Message generated for change (Settings changed) made by anbenham You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=962223&group_id=22866
Category: JBossSX Group: v3.2 Status: Open Resolution: None Priority: 5 Submitted By: anbenham (anbenham) >Assigned to: Scott M Stark (starksm) Summary: SecurityAssociation mixing users Initial Comment: Calling SecurityAssociation in the login Page or just after the logout gives sometimes the subject or the principal of another user, who is logged in in another Session . To get the error: 1- Build the application, or use the ear in dist 1a- Add the lines from my login-config.xml to your jboss login-config.xml 1b- add the file sec.jar to your server lib !!!! 2- Start the application (http://localhost:8080/secsample) 3- Log in with admin admin (and donīt log out) 4- Start another session 5- Log in with master master, then log out 6- You would see on the login page : Security Information request.getUserPrincipal()==> null SecurityAssociation.getPrincipal()==> null SecurityAssociation.getSubject()==> Betreff: Principal: [EMAIL PROTECTED] Principal: Roles(members:authenticated,delete,show,edit) Principal: CallerPrincipal (members:[EMAIL PROTECTED] d) Principals in Subject: [EMAIL PROTECTED] Roles(members:authenticated,delete,show,edit) CallerPrincipal (members:[EMAIL PROTECTED] d) Is this normal? I am using JBos 3.2.3 with embedded Tomcat ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=962223&group_id=22866 ------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click _______________________________________________ JBoss-Development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
